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iiN THE CI.AIMS 
Pleasts amend the claims as indicalcHl: 

1 . (currently amended) A process for accessing a non-nnterprisc JavaBean (RTR) Common 
Object Broker Request Architecture (CORBA) object mclhud on a serv^. said process 
comprising: 

receiving at the server a request for tlie non-RTR CORBA object method; 

directing said request to a shadow EJB object mctliod, said shadow EJB obj«:l method 
being a complementary method In the non-EJB CORBA object metho d, wherein the shadow EJB 
object method is inc apable of performing any flmction othci' than accessing an EJB sccuriLv 
system in response to a request for the shadow EiB obfect method, tlius enabling an 
authorization for a spc cilic requesting user to access a non-F.JB CORBA object that contains the 
nnn-EJB C0K13A object methoi;} : and 

obtaining authorization irom [[a seciuity service] J ihe FJB security system to access the 
non-EJB CORBA object method based on [[a role of a requesting utier]] an anthnrization Ibr the 
specific requesting u ser to access the shadow "GJB object . 

2, (currently amended) The process of claim 1, wherein the sci-ver has access to said non- 
EJB CORBA object method and a non-shadow KIB object method. 

3. (currently amended) The process of claim 1, further comprising: 

receiving m\ assigned user role for a requesting usci- of a client compntci- connected to the 

server; 

storing said user role in the server; 

generating a nicthod-role mapping table to define an authorized role to access said noiv 
EJB CORBA object method, and 

comparmg said assigned user role with said authorized role to determine if said 
requesting user is authorized to access said nun-bJB CORBA object method. 
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4. (cunently amended) A computer system server for providing a non-En terjirise JavaBcarj 
(EJB) CoiTiman Object Broker Request Architecture (CORBA) object method, said computer 
system server comprisixxg: 

means lor receiving at the computer system server a request from a requesting usci* for 
the non-EJB CORRA object method; 

means for directing siiid request to a shadow EJB objecl method, said shadow EJB object 
method being a complementary method to the non-RTB CORBA object metho d, wherein the 
shadow EJB object metlind is inc apable of nerformina any fimclion other than accessing an ETP 
security system in response to a Teuuest for the shadow EJB ohiect method, thus enabling an 
authorizati on for a snecific reouestmfi nser to access a non-EJB CORBA object tliat contains the 
non-EJR CORBA object method ; and 

means for obtaining authorization from [[a security sei"vicell the EJD security system to 
access the non-^EJB CORBA object method based on [[a role of a requesting user]] an 
auttiorization for the s pecific rcqucistinK user to access tiie sliadow E.TR object. 

5. (ciUTcntly amended) The computer system server of claim 4, wherein the computer 
systCTn server has access to said non-EJB CORBA object method and a noa-shadow EJB object 
method. 



0. (currently amended) The computer system server of claim 4, further comprising: 

means for receiving a user role for a requesting user of a client computcsr comiected to the 

computer system server; 

means for storing said user role in the computer system server; 

means for generating a method-role mapping table to define an authori/.ed role to access 
said non-EJB CORBA t>bject roethod; and 

means for comparing said user role witli said authorized role to determine if said 
requesting user is authorized to access said non-EJB CORBA object method. 

7. (currently amended) A computer program product, residing on a tanciblc computer 

usable meduun, lor accessmg a non-bntciprise JayaBcau (JiJB) common Object Broker Request 
Aicltitecture (COT^BA) objecl method on a server, said computer program product comprising: 
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program code means for receiving at a server a request from a requesting user for a rmt. 
EJB CORBA object method; 

program code means for dircoling said request to a shadow EJB object metiiod, said 
shadow EJB object method being a complementary method to tlie m»n-EJB CORBA object 
method, wherein the sliadow EJB object method is inr.»i>able of HerfoTmiim anv fimrtinn ntt»rr 
than accessina an BJI? securitv system in response t o a request for the .shadow EJB obicscL 
method, thus enahlinc an attthori/ation for a snet-ifir. leoucatinK user to access a noivFrU 
CORBA object that oonlai ns the non-EJB COUBA ob ject mnthml; and 

ptioerani code means for obtaining authorization ftxjm [fa security service]] the n.TB 
syyurity 3Ystem lo access the Jion>E.TB CORBA object method based on [fa role of a requesting 
"s^iJ an authorization tor the sp ecific reouesting user to aenuss the shadow EJB ohim 

8. (cmrenlly amended) The computer program product of claim 7, wherein said server has 
access to said flg^i-EJB CORBA object method and a non-shadow P.JB object method. 

9. (cuirently amended) The computer program product of claim 7, further comprising: 

program codu means for receiving an assigned user role for a requesting user of a client 
computer connected to the server; 

program code means for storing said xiser role in the server; 

program code means for generating a method-role mapping tabic lo detine an authorized 
role to access said non-EJE CORBA object method; and 

program code means for comparing said a-ssigncd user role with said authorized role to 
determine if said requesting u.ser is authorized to access tfaid non-RJH CORBA object method. 

10. (new) The method ofolaim 1, wherein the authorization is based on a roie of the specific 
requesting user, wherein the role is based on the ."specific requesting user's job description in an 
enleiprise. 

1 1 . (new) The computer system server of claim 4, wherein the autJiorization is based on a 
role of the specific requesting u.';er, wherein the role is based on the specific requesting user's job 
description in an enterprise. 
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1 2. (new) 1 he computer program product of claim 7, wherein the authorization is based on a 
role of the specific requesting iiser» wherein Lhe role is based on the specific requcatirig user's job 
dciicription in an cnlcrpiise. 
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